Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-05-17Palo Alto Networks Unit 42Brad Duncan
Emotet Summary: November 2021 Through January 2022
Emotet
2022-05-12Palo Alto Networks Unit 42Tyler Halfpop
Harmful Help: Analyzing a Malicious Compiled HTML Help File Delivering Agent Tesla
Agent Tesla
2022-05-06Palo Alto Networks Unit 42Chris Navarrete, Durgesh Sangvikar, Siddhart Shibiraj, Yanhui Jia, Yu Fu
Cobalt Strike Analysis and Tutorial: CS Metadata Encoding and Decoding
Cobalt Strike
2022-04-25paloalto Networks Unit 42Mark Lim
Defeating BazarLoader Anti-Analysis Techniques
BazarBackdoor
2022-04-08Palo Alto Networks Unit 42Inbal Shalev, Irena Damsky, Shimi Cohen
New SolarMarker (Jupyter) Campaign Demonstrates the Malware’s Changing Attack Patterns
solarmarker
2022-03-31Palo Alto Networks Unit 42Haozhe Zhang, Ken Hsu, Qi Deng, Tao Yan
CVE-2022-22965: Spring Core Remote Code Execution Vulnerability Exploited In the Wild (SpringShell)
2022-03-24Palo Alto Networks Unit 42Unit 42
Ransomware Threat Report 2022
2022-02-25paloalto Networks Unit 42Unit 42
Spear Phishing Attacks Target Organizations in Ukraine, Payloads Include the Document Stealer OutSteel and the Downloader SaintBot
Saint Bot
2022-02-24paloalto Networks Unit 42Unit 42
SockDetour – a Silent, Fileless, Socketless Backdoor – Targets U.S. Defense Contractors
TiltedTemple
2022-02-22Palo Alto Networks Unit 42Unit 42
Russia-Ukraine Crisis: How to Protect Against the Cyber Impact
HermeticWiper
2022-02-15Palo Alto Networks Unit 42Brad Duncan, Micah Yates, Saqib Khanzada, Tyler Halfpop
New Emotet Infection Method
Emotet
2022-02-03Palo Alto Networks Unit 42Unit 42
Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine (Updated June 22)
Pteranodon Gamaredon Group
2022-02-03Palo Alto Networks Unit 42Unit 42
Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine
Pteranodon Gamaredon Group
2022-01-27Palo Alto Networks Unit 42Alex Hinchliffe, Amanda Tanner, Doel Santos
Threat Assessment: BlackCat Ransomware
BlackCat
2022-01-25Palo Alto Networks Unit 42Yaron Samuel
Weaponization of Excel Add-Ins Part 1: Malicious XLL Files and Agent Tesla Case Studies
Agent Tesla
2022-01-20Palo Alto Networks Unit 42Josh Grunzweig, Mike Harbison, Robert Falcone
Threat Brief: Ongoing Russia and Ukraine Cyber Conflict
WhisperGate
2021-12-29Palo Alto Networks Unit 42Daiping Liu, Jielong Xu, Wanjin Li, Zhanhao Chen
Strategically Aged Domain Detection: Capture APT Attacks With DNS Traffic Trends
Chrysaor SUNBURST
2021-12-02Palo Alto Networks Unit 42Peter Renals, Robert Falcone
APT Expands Attack on ManageEngine With Active Campaign Against ServiceDesk Plus
Godzilla Webshell
2021-11-17Twitter (@Unit42_Intel)Unit 42
Tweet on Matanbuchus Loader used to deliver Qakbot (tag obama128b) and follow-up CobaltStrike
Cobalt Strike QakBot
2021-11-07Palo Alto Networks Unit 42Jeff White, Peter Renals, Robert Falcone
Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer
Godzilla Webshell NGLite